SourceCodester Zipped Folder Manager App Code Issue Vulnerability
SourceCodester Zipped Folder Manager App is an open source zipped folder manager application from SourceCodester. A code issue vulnerability exists in version 1.0 of the SourceCodester Zipped Folder Manager App that stems from improper handling of the parameter folder, resulting in unrestricted...
PT-2024-38855 · Sourcecodester · Sourcecodester Zipped Folder Manager App
Name of the Vulnerable Software and Affected Versions: SourceCodester Zipped Folder Manager App version 1.0 Description: A vulnerability has been found in the SourceCodester Zipped Folder Manager App, affecting an unknown part of the file /endpoint/add-folder.php. The manipulation of the folder...
CMSsite 1.0 Shell Upload
Title: CMSsite 1.0 php code injection Vulnerability | Author: indoushka | Tested on: Windows 10 FrPro / browser: Mozilla Firefox 129.0.1 64 bits ...
PT-2024-38419 · WordPress · File Manager Pro
Name of the Vulnerable Software and Affected Versions: File Manager Pro plugin for WordPress versions up to, and including, 8.3.7 Description: The File Manager Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and capability checks in the mk file...
PT-2024-14814 · WordPress · Backwpup
Name of the Vulnerable Software and Affected Versions: BackWPup plugin for WordPress versions up to, and including, 4.0.1 Description: The issue allows authenticated attackers to store backups in arbitrary folders on the server, provided they can be written to by the server. This is achieved via...
CraftOS-PC 2 Security Vulnerability
CraftOS-PC 2 is a fast, modern, feature-rich ComputerCraft simulator written in C++ by the individual developer JackMacWindows. A security vulnerability exists in CraftOS-PC 2 versions prior to 2.8.3, which stems from the fact that a user can obfuscate ... bypassing an internal check that prevent...
CVE-2024-38165
Windows Compressed Folder Tampering Vulnerability...
CVE-2024-38165
CVE-2024-38165 corresponds to Windows Compressed Folder Tampering. The Kaspersky advisory confirms a tampering vulnerability in Windows Compressed Folder that can be exploited remotely to spoof the user interface. Public exploits exist per OpenVAS data. Affected products are Windows platforms aff...
PT-2024-6181 · Microsoft · Windows Compressed Folder +1
Name of the Vulnerable Software and Affected Versions: Windows Compressed Folder affected versions not specified Description: The issue is related to incorrect external management of a file's name or path in Windows operating systems. This can allow a remote attacker to gain unauthorized access t...
Voltronic Power ViewPower elevation of privilege vulnerability (CNVD-2025-21587)
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower suffers from an elevation of privilege vulnerability that is caused by incorrect permissions being set on a folder. An attacker could use this vulnerability to escalate...
CVE-2024-42481 Complete crash of host system due to calculateDirectorySize in skyportd
Skyport Daemon skyportd is the daemon for the Skyport Panel. By making thousands of folders and files (easy due to skyport's lack of rate limiting on createFolder and createFile), skyportd in a lot of cases will cause 100% CPU usage and an OOM, probably crashing the system. This is fixed in 0.2.2...
Exam Form Submission 1.0 Arbitrary File Upload
Title: Exam Form Submission v1.0 Remote File Upload Vulnerability | Author: indoushka | Tested on: Windows 10 FrPro / browser: Mozilla Firefox...
CVE-2024-31202
A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation...
The vulnerability of the OpenAPI Generator software for automatically generating client libraries arises from incorrect restrictions on the path name to the restricted access directory. This allows attackers to circumvent security restrictions and gain read, modify, or delete access to data.
The vulnerability of the OpenAPI Generator software for automatically generating client libraries is related to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain access to...
ROS-20240730-06
A vulnerability in the Git distributed version control system is related to the ability to create the folder "C:.git." Exploitation of the vulnerability could allow an attacker to run arbitrary commands...
CVE-2024-41139
Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the product's Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privile...